[NA-Discuss] Policy Failure Enables Mass Malware: Part II(ICANN and OnlineNIC)
gbruen at knujon.com
gbruen at knujon.com
Thu Sep 30 12:12:00 UTC 2010
SECURETABS[DOT]NET is now finally offline after 74 days, but there are still
three other malware-redirected domains in this scheme: GENERICTAB.COM
(TUCOWS), CHEAPDRUGSNORX.COM (OnlineNIC), BESTGENERICPHARMA.COM (DIRECTNIC).
The domain that controls the rotation of these sites: PHARM-TRACKER.COM is
also sponsored by OnLineNIC. All described in the full report:
http://www.knujon.com/WDPRS_failures_malware_intrusion_securetabsDOTnet_Knujon_september10.pdf
--------------------------------------------------
From: <gbruen at knujon.com>
Sent: Wednesday, September 29, 2010 7:21 PM
To: "Michele Neylon :: Blacknight" <michele at blacknight.ie>
Cc: <na-discuss at atlarge-lists.icann.org>
Subject: Re: [NA-Discuss] Policy Failure Enables Mass Malware: Part II(ICANN
and OnlineNIC)
> Michele,
>
> I've made it quite clear. The unlicensed pharmacy domain promoted through
> thousands of hacked websites has false WHOIS which they failed to correct
> within the stipulated time. The sponsoring Registrar failed to investigate
> and suspend the domain within the stipulated time. ICANN failed to address
> the original complaint against the domain with the Registrar and
> completely
> botched the complaint against the Registrar.
>
> Would you still feel the same if it were your site that was hacked on
> behalf
> of a non-compliant sponsored by a non-compliant Registrar?
>
> You'll see in our follow-up next week how a Registrar was actually the
> VICTIM of such a scheme. Some might even say this was an "attack" from a
> competing domain company.
>
> -Garth
>
> --------------------------------------------------
> From: "Michele Neylon :: Blacknight" <michele at blacknight.ie>
> Sent: Wednesday, September 29, 2010 4:43 PM
> To: "Garth Bruen at KnujOn" <gbruen at knujon.com>
> Cc: <wendy at seltzer.com>; <na-discuss at atlarge-lists.icann.org>
> Subject: Re: [NA-Discuss] Policy Failure Enables Mass Malware: Part II
> (ICANN and OnlineNIC)
>
>> And what exactly are those roles?
>>
>> I know I may live to regret asking, but I would love to know.
>>
>> Or is this one of those "let's make it ICANN's problem since registrars
>> are obviously evil"?
>>
>>
>> Mr. Michele Neylon
>> Blacknight
>> http://Blacknight.tel
>>
>> Via iPhone so excuse typos and brevity
>>
>> On 29 Sep 2010, at 22:34, "Garth Bruen at KnujOn" <gbruen at knujon.com>
>> wrote:
>>
>>> That's kind of a leap in logic, we're talking about specific icann roles
>>>
>>>
>>>> -------- Original Message --------
>>>> Subject: Re: [NA-Discuss] Policy Failure Enables Mass Malware: Part II
>>>> (ICANN and OnlineNIC)
>>>> From: Wendy Seltzer <wendy at seltzer.com>
>>>> Date: Wed, September 29, 2010 4:26 pm
>>>> To: Garth Bruen at KnujOn <gbruen at knujon.com>
>>>> Cc: Evan Leibovitch <evan at telly.org>,
>>>> na-discuss at atlarge-lists.icann.org
>>>>
>>>> And I suppose you'd support COICA, the US proposal to censor domain
>>>> names "dedicated to infringing activity" too?
>>>>
>>>> I certainly would not want to see ICANN in here.
>>>> <http://wendy.seltzer.org/blog/archives/2010/09/21/copyright-censorship-and-domain-name-blacklists-at-home-in-the-us.html>
>>>>
>>>> --Wendy
>>>>
>>>> On 09/29/2010 03:34 PM, Garth Bruen at KnujOn wrote:
>>>>> I believe there is an ATRT meeting next month here in Boston, not sure
>>>>> where yet, would be happy to participate.
>>>>>
>>>>>
>>>>>
>>>>>> -------- Original Message --------
>>>>>> Subject: Re: [NA-Discuss] Policy Failure Enables Mass Malware: Part
>>>>>> II
>>>>>> (ICANN and OnlineNIC)
>>>>>> From: Evan Leibovitch <evan at telly.org>
>>>>>> Date: Wed, September 29, 2010 3:22 pm
>>>>>> To: Beau Brendler <beaubrendler at earthlink.net>
>>>>>> Cc: Garth Bruen at KnujOn <gbruen at knujon.com>,
>>>>>> na-discuss at atlarge-lists.icann.org
>>>>>>
>>>>>>
>>>>>> On 29 September 2010 15:11, Beau Brendler
>>>>>> <beaubrendler at earthlink.net>wrote:
>>>>>>
>>>>>>>
>>>>>>> "ICANN’s vice president of government affairs for the Americas,
>>>>>>> Jamie
>>>>>>> Hedlund, said the meeting was “outside the scope of our role as the
>>>>>>> technical coordinator of the Internet’s unique identifiers.”
>>>>>>>
>>>>>>> How is enforcing the provisions of the RAA outside the scope of its
>>>>>>> role?
>>>>>>>
>>>>>>>
>>>>>> I smell another ATRT submission....
>>>>>>
>>>>>> This is worth escalating to the global At-Large lists, IMO.
>>>>>>
>>>>>> - Evan
>>>>>
>>>>>
>>>>> ------
>>>>> NA-Discuss mailing list
>>>>> NA-Discuss at atlarge-lists.icann.org
>>>>> https://atlarge-lists.icann.org/mailman/listinfo/na-discuss
>>>>>
>>>>> Visit the NARALO online at http://www.naralo.org
>>>>> ------
>>>>
>>>>
>>>> --
>>>> Wendy Seltzer -- wendy at seltzer.org +1 914-374-0613
>>>> Fellow, Princeton Center for Information Technology Policy
>>>> Fellow, Berkman Center for Internet & Society at Harvard University
>>>> http://cyber.law.harvard.edu/seltzer.html
>>>> http://www.chillingeffects.org/
>>>> https://www.torproject.org/
>>>> http://www.freedom-to-tinker.com/
>>> ------
>>> NA-Discuss mailing list
>>> NA-Discuss at atlarge-lists.icann.org
>>> https://atlarge-lists.icann.org/mailman/listinfo/na-discuss
>>>
>>> Visit the NARALO online at http://www.naralo.org
>>> ------
>>
> ------
> NA-Discuss mailing list
> NA-Discuss at atlarge-lists.icann.org
> https://atlarge-lists.icann.org/mailman/listinfo/na-discuss
>
> Visit the NARALO online at http://www.naralo.org
> ------
>
More information about the NA-Discuss
mailing list